CVE-2008-6911

BrewBlogger 2.1.0.1 - SQL Injection via loginUsername Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6911. PoCs published by CWH Underground.

AI-analyzed exploit summary This exploit leverages an SQL injection vulnerability in BrewBlogger 2.1.0.1 to bypass authentication and add an arbitrary admin user. It uses a crafted POST request to inject SQL into the login process and another to create the admin account.

Description

SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by CWH Underground · perlwebappsphp

https://www.exploit-db.com/exploits/6023

View Code ZIP pw:eip

This exploit leverages an SQL injection vulnerability in BrewBlogger 2.1.0.1 to bypass authentication and add an arbitrary admin user. It uses a crafted POST request to inject SQL into the login process and another to create the admin account.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: BrewBlogger 2.1.0.1

No auth needed

Prerequisites: magic_quotes_gpc = off · target URL · desired username and password

MITRE ATT&CK